CVE-2020-13444

Posted on 2020년 6월 11일2020년 6월 11일 by admin

CVE-2020-13444

Liferay Portal 7.x before 7.3.2, and Liferay DXP 7.0 before fix pack 92, 7.1 before fix pack 19, and 7.2 before fix pack 7, does not sanitize the information returned by the DDMDataProvider API, which allows remote authenticated users to obtain the password to REST Data Providers.

Source: CVE-2020-13444

답글 남기기 응답 취소